CVE-2025-54761

High CVSS: 8.0

An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie.

Vendor

Product

CWE

Yayın Tarihi

2025-09-19 20:15:39

Güncelleme

2025-09-25 19:34:15

Source Identifier

cve@mitre.org

KEV Date Added

CWE-269 Ppress HIGH Yandaozi 2025

https://github.com/quarter77/PPress-CMS_vulnerability_chain_details/blob/main/CVE-2025-54761%20Details.md https://github.com/yandaozi/PPress/releases/tag/v0.0.9-beta

High

CVE-2025-52159

Hardcoded credentials in default configuration of PPress 0.0.9.

High

CVE-2025-54815

Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via craft…

Medium

CVE-2025-25973

A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote a…